Large Scale Deployments Using Ansible

This has been the Ansible messaging since the journey began. As time has gone on, the definition of simple we’re talking about may have been misunderstood...

The Ansible simplicity is about being easy to understand, learn and share. It’s about people. The often peddled notion that “Ansible doesn’t scale past 500 hosts” is shadowed by the customers we have with over 100,000 nodes under management. But the idea that scale is purely about the number of hosts isn’t recognising the greater relevance. Scale is so much more, scale is about the context in your business.

What is scale?

Technological Scale

When it comes to IT, conclusions about ‘scale’ usually equate to numbers of something technical. A frequent customer ask might go something like "We need Ansible to scale to 70,000 hosts".

Once we look into that number though, the reality is no technical operation will happen across them all at once. The jeopardy to a business of this size is too great to chance a failure of every system. Operations at large scale happen piecemeal for safety reasons – rolling updates are not only a safer way to operate, we see the results faster.

Business function, geography, application and Continue reading

Business Solutions at AnsibleFest

I’ve always enjoyed listening to how customers are solving their business challenges using Red Hat Ansible Automation. From the simple to the uniquely creative solutions, they’re always fun to hear. So every time AnsibleFest comes around, I get especially excited knowing that I’ll have the chance to hear far more than one or two stories.

This year’s AnsibleFest in Austin is expected to be the biggest ever. To cater for the many different interests of attendees, we’ve created six specific tracks with curated content sure to interest. I’ve managed to “bag” the Business Solutions track, which will contain ten talks in total.

Sifting through the hundreds of submissions (the job gets harder every year!) I’ve picked out three talks which I’m really looking forward to listening to.

1. Upgrading the backend database of a £3 billion business website on a Friday afternoon

However that panned out, it’s sure to be a great story! I’m grabbing some popcorn for this one :)

2. Using Ansible to Satisfy Compliance Controls

Security automation is a big topic these days, and the security community has come to realise the power in Ansible to help them get things done. I’ve lost count of the Continue reading

Meltdown, Spectre and Security Automation

Keeping computer systems secure is one of those never ending tasks. You could be forgiven for thinking of it like "Painting the Forth Bridge". Most of the time it's 'put new software' in place, and you're good. Every now and then it’s, well, a bit more complicated.

The first week of January saw two flaws announced, called “Meltdown” and “Spectre.” Both involved the hardware at the heart of more or less every computing device on the planet – the processor. There is a great in-depth review of the two flaws here. You can also find some additional information in this blog by Red Hatter Jon Masters.

In the complex world of IT, keeping on top of security can be less painful with the help of an easy automation tool. One of our Ansible engineers, Sam Doran, has written a couple of Ansible plays to patch systems. While Meltdown and Spectre are not completely mitigated, we'd like to share these plays with you to demonstrate how to easily deploy the patches that are available; you can find them here:

• Play for Linux targets
• Play for Windows targets

If you make any improvements to them we'd welcome pull requests!

Top Reasons To Attend AnsibleFest London 2017

I remember the first AnsibleFest I attended – it was San Francisco 2014. I had been with Ansible for a week and had flown out to meet some of my new colleagues.

As a user of Ansible for the past year, I'd discovered how cheery and helpful the community was. "Newbies" dropping by the IRC channel on Freenode were always helped out, no matter how simple the question. The community spirit is something many people comment on when first using Ansible.

I remember meeting core engineer Brian Coca for the first time at that AnsibleFest too, also a recent joiner to the company. Brian was asked that morning if he'd give a talk, a request he calmly accepted as if he'd been asked to make a cup of tea. Top tip – never miss a talk given by Brian, you will learn something new!

Later, during the happy hour, I talked with lots of attendees, many just wanting to tell us how much they'd enjoyed the day. It was great to see the open source community feel extending to our full day conferences.

Two and half years later and I still see that community spirit day in, day out. Only now it's Continue reading

Migrating the Runbook – a Journey from Legacy to DevOps

"Just type this invoice up for me will you please?" asked a sheepish looking Malcolm.

"I do have better things to do you know" I replied.

"Yes, yes, I know. But who else is going to do it?"

"Give it here then!"

In the beginning, there was a problem

That was a fairly common interaction for me as a young lad. I was fresh out of school and working my summer in the sales department of a local car dealership. My job was mostly admin related tasks, which up until that point hadn't included doing all the sales guys' typing. Our secretary had recently departed the company, and the sales guys all figured I could happily do the replacement typing jobs. The duty had fallen to me because a) I had the stereotypical 1980s glasses of a nerdy computer kid and b) they all knew I actually was a nerdy computer kid. So fair play to them for assuming I could type, I could.

The thing was I really did have better things to do, and these daily interruptions were eating into my productive time. I wanted that time back; so Continue reading

A Shiny New Way to Manage VMware Guests

Way back in March of 2015, I wrote a post about managing VMware guests with the vsphere_guest module. A lot has changed since then with VMware support, including a whole bunch of new modules for managing the VMware infrastructure itself. We've also consolidated all VMware interaction around the pyvmomi Python library, replacing the aging and no longer maintained pysphere and psphere libraries. This support even extends to the VMware dynamic inventory, you will be pleased to know!

We took the opportunity to tidy up some of the parameters used in the old vsphere_guest module, and I think the new vmware_guest module is nicer to use. A couple of handy new additional parameters are validate_certs and wait_for_ip_address. I'm sure they don't need explaining, but for the sake of clarity they allow you to connect to vCentre servers that have a self signed SSL certificate, and for the module to wait for an IP address to become visible for the new VM.

This latter parameter is especially nice, because now you can have the single module wait for the IP address, instead of having to do something clunky with a block (as I did in my main demo).

So here is Continue reading

Ansible as Automation Glue

Throughout my time at Ansible, I have endeavoured to put together pertinent demos for customers - when I was 'on the other side of the fence' I always preferred it when a vendor asked about the challenges we faced and prepared the product to show how it would help me.

A few months back a customer told us about their challenge of getting code from development into production, and how it was taking almost a third of a year. They wanted to see how Ansible could help accelerate that workflow.

Since giving that demo I've not stopped asking customers about their challenges, but nine times out of ten they come back with the same answer these days - development to production workflow acceleration. That's when I show the same demo.

After running through this so many times, I thought it might be useful to record it as a screencast to share it publicly - along with all the Ansible playbooks used to put it together. The demo runs to 18 minutes in total, but covers many aspects of how powerful and flexible Ansible is as a tool - from machine provisioning to configuration management to code deployment to interacting with various Continue reading

Simplicity – the art of automation

Ansible at IPEXPO: Simplicity – The Art of Automation

Ansible's Director of EMEA Business Development, Mark Phillips, presented at the recent IPEXPO. His talk Simplicity - The Art of Automation was recorded and he was able to combine the slides and the video.

IT infrastructures have grown in complexity over recent years as businesses seek every last competitive gain. Managing these complex infrastructures has become almost as complicated, but should it have? Could we actually gain more, by doing less?

Managing VMware vSphere guests with Ansible Tower

There are lots of ways to enable self-service VMs within an organisation - what some might call 'a private cloud'. However, these usually require layers and layers of complex software. What if you could leverage your existing hypervisor and 15 lines of code to do the same? And what if those 15 lines became an even simpler single click?

Ansible Core contains a module for managing virtual machines in VMware vSphere environments called vsphere_guest. Using this one module we can talk to an existing vSphere instance to create new VMs, clone VM templates, and control and delete VMs. Couple up a simple playbook with Ansible Tower and we can do some pretty amazing things with very little effort.

Here's our playbook to create a new virtual machine from a template in vSphere:

The really important bit that's doing the work is the 15 lines associated with the 'Create VM from template' task. Note the extensive use of variables in this play to give us lots of flexibility. We'll make use of this in Tower in just a moment.

Tower 2.1 introduced 'Surveys', which are a great way to create interactive forms for a given play. The form can Continue reading